I have a busybox router and I'm able to log in to the console using telnet & I also have access to the web interface.

My question is, how can I create an ssh tunnel from my local network through the router so that I may be able to access my computer remotely? I'm looking for a command line based solution & I'm also aware of the fact that routers have low memory and a very limited set of utilities. Although it's a minimal linux system having only a small subset of tools, they do have utilities like route, iptables, etc., so I think maybe it's possible.

Also my knowledge of busybox system is quite low so if I'm wrong somewhere, feel free to correct me.

Have you already looked at the web interface if you can configure port forwarding there?
– jofel, Jul 2 '13 at 11:43

@jofel I've successfully port forwarded via the web interface and now I'm able to access my ssh server remotely but I'm still curious if there's a manual, hardcore way of doing it via the cmdline.
– irenicus09, Jul 2 '13 at 12:01

If A is the same machine as X, and B is the same machine as Y, then the unencrypted legs never actually go over a real network; your web browser connects to localhost:8080 (tunnel start); the ssh server on X connects to localhost:80.

I have drawn some sketches

The machine where the ssh tunnel command is typed is called »your host«.

Introduction

local: -L Specifies that the given port on the local (client) host is to be forwarded to the given host and port on the remote side.

ssh -L sourcePort:forwardToHost:onPort connectToHost means: connect with ssh to connectToHost, and forward all connection attempts to the local sourcePort to port onPort on the machine called forwardToHost, which can be reached from the connectToHost machine.

remote: -R Specifies that the given port on the remote (server) host is to be forwarded to the given host and port on the local side.

ssh -R sourcePort:forwardToHost:onPort connectToHost means: connect with ssh to connectToHost, and forward all connection attempts to the remote sourcePort to port onPort on the machine called forwardToHost, which can be reached from your local machine.

Your example

Home computer runs linux

This is image number three of my sketches. Is your home computer running linux? And you have a remotehost somewhere on the internet which has ssh on it and you can simply access it from your home computer using

ssh remotehost

Then you surely have ssh installed and you don’t even need the router to create your tunnel. Use the following command on your computer (the blue box called yourhost represents your home computer):

ssh -R 11111:localhost:22 remotehost

Now if you are sitting at the remotehost and want to connect to your home computer via ssh, use this command

ssh -p 11111 homeuser@localhost

which will start an ssh connection to the green port 11111 on your remotehost, which is forwarded through the ssh tunnel (which even passes your busybox router) and connects to the pink port 22 of your home computer’s localhost (which is your home computer itself).

Of course busybox can also establish the tunnel

This is image number 4 of my sketches. You are now sitting at (or logged into) the busybox. So yourhost is the busybox router.

ssh -R 11111:nearhost:22 remotehost

Now when you are at the remotehost, you type again

ssh -p 11111 busyboxuser@localhost

to connect to the green port 11111 which is then forwarded through the tunnel to the busybox, and from there it is connected to the pink port 22 of the nearhost (representing your home computer).
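Added example, not part of the original answer: a small POSIX shell helper that parses a -L or -R forwarding spec as described above and reports which machine opens the listening port, whether that listener is loopback-only, and which machine makes the final connection. The function name describe_forward and its output wording are made up for this illustration; it also accepts the optional leading bind_address that ssh allows in the spec, which the answer does not use.

```shell
#!/bin/sh
# describe_forward MODE SPEC CONNECT_TO   (hypothetical helper, not an ssh tool)
#   MODE        -L or -R
#   SPEC        [bind_address:]sourcePort:forwardToHost:onPort
#   CONNECT_TO  the host given as the last ssh argument
# Bracketed IPv6 literals are not handled in this sketch.
describe_forward() {
    mode=$1 spec=$2 connect_to=$3

    # Split the spec on ':' into positional parameters (globbing disabled).
    old_ifs=$IFS; IFS=:
    set -f; set -- $spec; set +f
    IFS=$old_ifs

    case $# in
        3) bind=localhost; port=$1; host=$2; hport=$3 ;;   # default: loopback
        4) bind=${1:-*};   port=$2; host=$3; hport=$4 ;;   # empty bind means '*'
        *) echo "invalid forward spec: $spec" >&2; return 2 ;;
    esac
    for p in "$port" "$hport"; do
        case $p in ''|*[!0-9]*) echo "invalid port: $p" >&2; return 2 ;; esac
    done

    # -L: the listener is on the machine where ssh is typed ("yourhost").
    # -R: the listener is on the machine ssh connects to.
    case $mode in
        -L) listener=yourhost;    connector=$connect_to ;;
        -R) listener=$connect_to; connector=yourhost ;;
        *)  echo "mode must be -L or -R" >&2; return 2 ;;
    esac

    # With -R, sshd honours a non-loopback bind address only when
    # GatewayPorts is enabled in the server's sshd_config.
    case $bind in
        localhost|127.0.0.1) scope=loopback-only ;;
        *)                   scope=network-reachable ;;
    esac

    printf '%s listens on %s:%s (%s); %s connects to %s:%s\n' \
        "$listener" "$bind" "$port" "$scope" "$connector" "$host" "$hport"
}

# The two commands from the answer:
describe_forward -R 11111:localhost:22 remotehost
describe_forward -R 11111:nearhost:22 remotehost
```

A loopback-only result for the -R cases means port 11111 is reachable only by users already logged in on remotehost, which is why the answer's follow-up command targets localhost there.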